package com.kedacom.ctsp.authz.security.aspect;

import com.kedacom.ctsp.authz.entity.AuthResource;
import com.kedacom.ctsp.authz.security.provider.AuthUserDetails;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;

import java.io.Serializable;
import java.util.Optional;
import java.util.Set;

/**
 * 使用AuthResource默认的配置项.
 *
 * @author xuwei
 * @create 2017-11-29 11:06
 **/
public class AuthzPermissionAutoEvaluator implements PermissionEvaluator {


    public AuthzPermissionAutoEvaluator() {
    }

    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        if (authentication == null) {
            return false;
        }
        if (!(authentication.getPrincipal() instanceof AuthUserDetails)) {
            return false;
        }
        //TODO
        //       AuthUserDetails authUserDetails = (AuthUserDetails) authentication.getPrincipal();
//        Optional<Set<AuthResource>> resourceOptional = authUserDetails.getAuthentication().getResources(String.valueOf(permission));
//        // 没有resource返回
//        if (!resourceOptional.isPresent()) {
//            return false;
//        }
        return true;
    }

    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
        throw new UnsupportedOperationException();
    }

}
